Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevented possible NULL dereference in fib6nhinit syzbot reminds us that in6devget can return NULL. fib6nhinit ip6validategw &idev ip6routechecknh idev idev = in6devgetdev; // can be NULL Oops: general protection fault,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004282 advisory. A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6rulelookup, sometimes holding rt6info and other times...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002324)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002324 advisory. The ip6appenddatamtu function in net/ipv6/ip6output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about...

UBUNTU-CVE-2025-40135

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit Use RCU in ip6xmit in order to use dstdevrcu to prevent possible UAF...

kernel: ipv6: use RCU protection in ip6_default_advmss()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...

CVE-2025-52951

CVE-2025-52951 describes a Protection Mechanism Failure in Juniper Networks Junos OS where kernel filter processing mishandles the payload-protocol match, causing firewall terms to effectively accept all traffic destined for the control plane IPv6 traffic. Affected Junos OS versions include all p...

CVE-2022-49903

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6routenetexitlate During the initialization of ip6routenetinitlate, if file ipv6route or rt6stats fails to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stats file...

CVE-2025-22005 ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhcpcpurthoutput in fibchecknhv6gw. fibchecknhv6gw expects that fib6nhinit cleans up everything when it fails. Commit 7dd73168e273 "ipv6: Always allocate pcpu memory in a fib6nh" moved fibnhcommoninit before...

kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

A vulnerability was found in the Linux kernel's IPv6 handling in the xfrm6getsaddr function, where the issue occurs when ip6dstidev returns NULL, leading to a null pointer dereference and resulting in a general protection fault...

SUSE CVE-2013-4125

The fib6addrt2node function in net/ipv6/ip6fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement RA messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for...

SUSE CVE-2014-7207

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6selectident function calls, which allows local users to cause a denial of service NULL pointer dereference and system crash by leveraging 1 tun or 2 macvtap devic...

SUSE CVE-2021-45485

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/outputcore.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses...

CVE-2020-1608 Junos OS: MX Series: In BBE configurations, receipt of a specific MPLS or IPv6 packet causes a Denial of Service

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge BBE service may trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Serie...